Skip to main content

Documentation Index

Fetch the complete documentation index at: https://conto.finance/docs/llms.txt

Use this file to discover all available pages before exploring further.

Defaults

This page is the single source of truth for default values in Conto. Other pages link here instead of restating values inline, so the docs stay consistent when defaults change.

Chains and currencies

The API/SDK and the CLI use different chain defaults on purpose. The API defaults to testnet so backend integrations are safe by default. The CLI defaults to mainnet because interactive operators usually want production.
SettingDefaultNotes
Default chain ID (API/SDK)42431 (Tempo Testnet)Applied when chainId is not supplied to POST /api/wallets or POST /api/sdk/payments/request.
Default chain ID (CLI)4217 (Tempo Mainnet)Used by create-conto-agent interactive prompts. Override with --chain.
Default chain typeEVMApplied to new wallets when omitted.
Default Tempo Mainnet currencyUSDC.eReturned in payment responses for chain 4217.
Default Tempo Testnet currencypathUSD (TIP-20)Returned in payment responses for chain 42431.
Default Base/Ethereum/Arbitrum/Polygon currencyUSDCResolved per chain by getPrimaryStablecoin(chainId).
Default Solana currencyUSDC (SPL)Resolved by chain ID solana-mainnet.

Explorer URLs

Tempo has two networks with two explorers. Each is canonical for its chain.
Chain IDNameExplorer
4217Tempo Mainnethttps://explore.tempo.xyz
42431Tempo Testnethttps://explore.moderato.tempo.xyz
EVM chains use the standard block explorers (basescan.org, etherscan.io, etc.) and Solana uses solscan.io / explorer.solana.com.

Wallets

POST /api/wallets applies these Zod defaults before persisting:
FieldDefault
walletTypeEOA
chainTypeEVM
chainId42431 (via getDefaultChain())
custodyTypePRIVY
isWatchOnlyfalse

Custody priority

The payment evaluator selects wallets in this order when an agent has multiple linked wallets: PRIVY > SPONGE > SMART_CONTRACT > EXTERNAL Executable custody (PRIVY, SPONGE) is preferred so platform-routed payments do not need user intervention. POST /api/agents/{id}/wallets applies these defaults:
FieldDefaultNotes
delegationTypeLIMITEDOther values: FULL, VIEW_ONLY, PREAPPROVED, ALLOWLIST.
spendLimitPerTx100USD. null means unlimited.
spendLimitDaily1000null means unlimited.
spendLimitWeeklynullUnlimited unless set.
spendLimitMonthlynullUnlimited unless set.
allowedHoursStart0Hour of day, 0-23.
allowedHoursEnd24Hour of day, 1-24.
allowedDays['Mon','Tue','Wed','Thu','Fri']Use full 7-day list to allow weekends.
timezoneUTCIANA names accepted (America/New_York, etc.).
null on any spend limit means “unlimited”. Do not confuse with 0, which blocks every payment.

External-wallet auto-create

When POST /api/sdk/payments/approve is called with a senderAddress that does not yet exist in the organization, Conto creates an EXTERNAL wallet automatically with:
FieldDefault
spendLimitPerTxnull (unlimited per transaction)
spendLimitDaily1000 USD
spendLimitWeekly5000 USD
spendLimitMonthly20000 USD
custodyTypeEXTERNAL
enforcementModeMONITORING_ONLY
Tighten these via PATCH /api/agents/{agentId}/wallets/{walletId} before relying on them in production.

Approval tokens

EndpointToken TTL
POST /api/sdk/payments/request5 minutes
POST /api/sdk/payments/approve (external wallets)10 minutes
POST /api/sdk/cards/approve5 minutes
Tokens are single-use. After expiry, request approval again.

SDK keys

SettingDefaultNotes
expiresInDays365Required field with sane default.
Max expiresInDays7302-year hard cap.
Key format (standard)conto_agent_...Per-agent. Used for payment operations.
Key format (admin)conto_agent_...Per-agent. Adds agents:write, wallets:write, policies:write.
Org API key formatconto_...Org-level. Used with ContoAdmin.
Full keys are returned only once at creation. Store them immediately.

Payment requests

SettingDefault
currency (on POST /api/transactions)USDC
urgencyNORMAL
autoExecutefalse
Idempotency windowIndefinite. Same idempotencyKey + same payload returns the cached result. Different payload returns 409 IDEMPOTENCY_CONFLICT.

Policy evaluation

SettingDefaultNotes
Policy priority directionHigher firstevaluatePolicyRules sorts by descending priority.
Default policy priority50Use 0-100. Reserve 90+ for overrides.
Rule combinationANDAll rules in a policy must pass.
Policy combinationANDAll policies assigned to an agent must pass. First DENY stops evaluation.
Counterparty trust storageDecimal 0.0-1.0Rule values for TRUST_SCORE use the same scale. Defaults to 0.5 (UNKNOWN).

Counterparties

FieldDefault
trustScore0.5
trustLevelUNKNOWN
riskLevelMEDIUM
verifiedfalse
typeVENDOR
Trust levels map to score ranges:
RangeLevel
0.75 - 1.0TRUSTED
0.5 - 0.75VERIFIED
0.2 - 0.5UNKNOWN
0.0 - 0.2BLOCKED

Rate limits

Endpoint groupLimitWindowKey
SDK payment endpoints601 minutePer agent
SDK read endpoints1201 minutePer agent
Auth endpoints105 minutesPer IP
Account auth55 minutesPer account
Dashboard1001 minutePer user
Sliding window. Upstash Redis in production, in-memory fallback in dev. Fails closed on Redis errors.

Pagination

FieldDefault
limit50
Max limit100
offset0
Paginated responses return { items, total, limit, offset }.

Webhook delivery

SettingDefault
Max retries3
BackoffImmediate, then 1s, then 4s
Timeout10 seconds
Signature headerX-Conto-Signature (HMAC-SHA256)
Required schemeHTTPS (HTTP and private IPs blocked)

Auto-freeze thresholds

TriggerDefault threshold
CONSECUTIVE_VIOLATIONS5
CONSECUTIVE_FAILURES5
SPEND_VELOCITY3x normal
LARGE_TRANSACTION_ANOMALY10x normal
TRUST_SCORE_BELOW_THRESHOLD<0.2
TRUST_SCORE_DROP30%
RAPID_COUNTERPARTY_SWITCHING10 per hour
Tunable via PATCH /api/agents/{id}/freeze-config.

Org roles

OrgRole enum: OWNER, ADMIN, MANAGER, MEMBER, VIEWER. New members default to MEMBER. See Roles and permissions for the permission matrix.